Setting #![windows_subsystem = "windows"], processes will not be spawned under Windows server 2008 SYSTEM privileges.

rust-lang / rust

Empowering everyone to build reliable and efficient software.

https://www.rust-lang.org

Other

96.95k stars 12.53k forks source link

Setting #![windows_subsystem = "windows"], processes will not be spawned under Windows server 2008 SYSTEM privileges. #113851

Open b1nhack opened 1 year ago

b1nhack commented 1 year ago

I tried this code:

#![windows_subsystem = "windows"]

use std::process;

fn main() {
    process::Command::new("notepad.exe").spawn().unwrap();
}

I expected to see this happen: Setting #![windows_subsystem = "windows"], processes will not be spawned under Windows server 2008 SYSTEM privileges.

Meta

rustc --version --verbose:

rustc 1.70.0 (90c541806 2023-05-31)
binary: rustc
commit-hash: 90c541806f23a127002de5b4038be731ba1458ca
commit-date: 2023-05-31
host: x86_64-pc-windows-msvc
release: 1.70.0
LLVM version: 16.0.2

Backtrace

``` Because of the specification of #![windows_subsystem = "windows"], so I can't see the backtrace ```

bjorn3 commented 1 year ago

What processes do you expect to not be spawned?

b1nhack commented 1 year ago

What processes do you expect to not be spawned?

everyting

bjorn3 commented 1 year ago

I don't understand the issue you are having. Please give a concrete example of a process that shouldn't have started.

b1nhack commented 1 year ago

I don't understand the issue you are having. Please give a concrete example of a process that shouldn't have started.

notepad.exe is one

bjorn3 commented 1 year ago

If you run your program with SYSTEM privileges and your program then runs notepad.exe, it is expected that notepad.exe will also run with SYSTEM privileges. Programs inherit the privileges level of their parent by default.

If you don't run your program with SYSTEM privileges and yet notepad.exe somehow runs with SYSTEM privileges, that is not a bug in rust, but one in Windows. It shouldn't be possible for an unprivileged user to run arbitrary programs with the highest possible privilege level.

b1nhack commented 1 year ago

No, I mean only under Windows Server 2008, and running with SYSTEM privileges.

bjorn3 commented 1 year ago

Do you run your own program with SYSTEM privileges?

b1nhack commented 1 year ago

#![windows_subsystem = "windows"]

use std::process;

fn main() {
    process::Command::new("notepad.exe").spawn().unwrap();
}

This code is compiled into a binary program (*.exe). Note: MSVC toolchain needs to specify "-C", "target-feature=+crt-static" flag to be compatible with Windows server 2008. The compiled exe, under Windows server 2008 with administrator privileges can normally spawn a notepad.exe process.

Using processhacker runas a cmd.exe with SYSTEM privileges, executing the compiled exe in a cmd with SYSTEM privileges will not spawn a notepad.exe process. And this problem only occurs if you specify #![windows_subsystem = "windows"].

ChrisDenton commented 1 year ago

Have you tried nightly rust?

b1nhack commented 1 year ago

Not yet

workingjubilee commented 1 year ago

Note: Windows 2008 is based on Windows Vista which is out of our support range, unless you mean Windows 2008 R2, which is based on Windows 7 and is currently considered a "best effort" support target. These are also End of Support for Microsoft as well, unfortunately.

It would be useful to confirm if this problem is still active on Windows 10, Windows 11, or their "Windows Server" derivatives.

b1nhack commented 1 year ago

I am referring to Windows Server 2008 R2, after my testing, Windows 10 does not have this issue.

workingjubilee commented 1 year ago

Then this issue will be "fixed" in ~7 months by https://github.com/rust-lang/compiler-team/issues/651